1. Cybersecurity >
  2. Cybersecurity Nachrichten >
  3. Aircrack-ng 1.6 - Complete Suite Of Tools To Assess WiFi Network Security


Aircrack-ng 1.6 - Complete Suite Of Tools To Assess WiFi Network Security

IT Security Nachrichten vom | Direktlink: feedproxy.google.com Nachrichten Bewertung

Aircrack-ng is a complete suite of tools to assess WiFi network security.
It focuses on different areas of WiFi security:
  • Monitoring: Packet capture and export of data to text files for further processing by third party tools.
  • Attacking: Replay attacks, deauthentication, fake access points and others via packet injection.
  • Testing: Checking WiFi cards and driver capabilities (capture and injection).
  • Cracking: WEP and WPA PSK (WPA 1 and 2).
All tools are command line which allows for heavy scripting. A lot of GUIs have taken advantage of this feature. It works primarily Linux but also Windows, OS X, FreeBSD, OpenBSD, NetBSD, as well as Solaris and even eComStation 2.

It's been more than a year since the last release, and this one brings a ton of improvements.

The most noticeable change are the rate display in Airodump-ng. Previously, it went up to 54Mbit. Now, it takes into account the complexity of 802.11n/ac and calculates the maximum rate that can be achieved on the AP. Expect 802.11ax rates in the next release. We brought basic UTF-8 support for ESSID and if you ever come across WPA3 or OWE, this will be displayed correctly as well. Airodump-ng has had the ability to read PCAP files for quite some time, which can be handy to generate one of the CSV/netxml or other output formats available. However, signal levels were not displayed; this has now been fixed. A new option has been added to read the files in realtime, instead of reading all at once.

Huge improvements have been done under the hood as well. Code has been cleaned up, deduplicated (Pull Request 2010), reorganized (Pull Request 2032), which lead to a lot of fixes.

This reorganization also updated the build system, which now requires automake 1.14+. This was a problem on CentOS 7, but we provide a script to install these requirements from source to solve the issue; although automake 1.14 (and other dependencies) have been released 6+ years ago, CentOS is the only distribution that doesn't have it, and it was decided to provide a script to install the requirements was a small price to pay to improve and simplify the build system.

Other tools received fixes as well:
  • Along with a few fixes, Airmon-ng now handles more network managers, and persistent ones; no need to run airmon-ng check kill a few times for the network managers that keep restarting.
  • Airdecap-ng can now decrypt both sides of the conversation when WDS is in use.
  • As usual, we updated WPE patches for freeradius and HostAPd.
  • Python 2 is dead as of January 1st, and now all our scripts support Python 3. If you are still running Python 2, don't worry, they are still backward compatible.
  • Aircrack-ng contains fixes for a few crashes and other regressions, as well as improved CPU detection in some cases (-u option).

We have been working on our infrastructure and have a buildbot server with quite a few systems. If you head up to our buildbot landing page, you can see the extent of the build system: 14 systems to test build on top of AppVeyor, TravisCI, and Coverity Scan, plus one to automatically package it and upload packages to packagecloud.io. It gets triggered every time we push code to our GitHub repository and you can see the details of each build for each commit on GitHub. We have an earlier blog post where you can find some details of our CI/CD.
We are currently working on bringing Mac infrastructure as well.

We keep working on our automated tests, and a few have been added; this release also brings integration tests (16 for now) to automatically test different features of airodump-ng, aireplay-ng, airbase-ng and others.

In case you find security issues in Aircrack-ng or our domains, we recently added a security policy to explain how to report them. It is on GitHub, on our website, as well as security.txt.

And finally, what you've been waiting for, the full changelog:
  • Aircrack-ng: Added support for MidnightBSD
  • Aircrack-ng: Fixed ARM processors display with -u
  • Aircrack-ng: Fixed AVX-512F support
  • Aircrack-ng: Fixed cracking speed calculation
  • Aircrack-ng: Fixed cracking WEP beyond 10k IVS
  • Aircrack-ng: Fixed creating new session and added test case
  • Aircrack-ng: Fixed encryption display in some cases when prompting for network to crack
  • Aircrack-ng: Fixed exiting Aircrack-ng in some cases
  • Aircrack-ng: Fixed logical and physical processor count detection
  • Aircrack-ng: Fixed PMKID length check
  • Aircrack-ng: Various fixes and improvements to WPA cracking engine and its performance
  • Airdecap-ng: Decrypt both directions when WDS is in use
  • Airdecap-ng: Fixed decrypting WPA PCAP when BSSID changes
  • Airgraph-ng: Added support for WPA3
  • Airgraph-ng: Switch to argparse
  • Airmon-ng: Added detection for wicd, Intel Wireless Daemon (iwd), net_applet
  • Airmon-ng: Handle case when avahi keeps getting restarted
  • Airmon-ng: Indicates when interface doesn't exist
  • Airodump-ng: Added autocolorization interactive key
  • Airodump-ng: Added option to read PCAP in realtime (-T)
  • Airodump-ng: Added PMKID detection
  • Airodump-ng: Added support for GMAC
  • Airodump-ng: Added support for WPA3 and OWE (Enhanced Open)
  • Airodump-ng: Basic UTF-8 support
  • Airodump-ng: Checked management frames are complete before processing IE to avoid switch from WEP to WPA
  • Airodump-ng: Display signal when reading from PCAP
  • Airodump-ng: Fixed netxml output with hidden SSID
  • Airodump-ng: Improved rates calculation for 802.11n/ac
  • Airtun-ng: Fixed using -p with -e
  • Autoconf: Fixed order of ssl and crypto libraries
  • dcrack: Fixed client reporting benchmark
  • dcrack: Now handles chunked encoding when communicating (default in Python3)
  • Freeradius-WPE: Updated patch for v3.0.20
  • General: Added NetBSD endianness support
  • General: Added python3 support to scripts
  • General: Added script to update autotools on CentOS 7
  • General: Added security policy to report security issues
  • General: Reorganizing filesystem layout (See PR 2032), and switch to automake 1.14+
  • General: Convert to non-recursive make (part of PR 2032)
  • General: Deduplicating functions and code cleanups
  • General: Fixed packaging on cygwin due to openssl library name change
  • General: Fixed SPARC build on Solaris 11
  • General: Removed coveralls.io
  • General: Updated dependencies in README.md/INSTALLING
  • General: Use upstream radiotap libary, as a sub-tree
  • General: various fixes and improvements (code, CI, integration tests, coverity)
  • HostAPd-WPE: Updated for v2.9
  • Manpages: Fixes and improvements
  • Tests: Added Integration tests for aireplay-ng, airodump-ng, aircrack-ng, airbase-ng, and others
  • Tests: Added tests for airdecap-ng, aircrack-ng


  • Autoconf
  • Automake
  • Libtool
  • shtool
  • OpenSSL development package or libgcrypt development package.
  • Airmon-ng (Linux) requires ethtool.
  • On windows, cygwin has to be used and it also requires w32api package.
  • On Windows, if using clang, libiconv and libiconv-devel
  • Linux: LibNetlink 1 or 3. It can be disabled by passing --disable-libnl to configure.
  • pkg-config (pkgconf on FreeBSD)
  • FreeBSD, OpenBSD, NetBSD, Solaris and OS X with macports: gmake
  • Linux/Cygwin: make and Standard C++ Library development package (Debian: libstdc++-dev)

Optional stuff
  • If you want SSID filtering with regular expression in airodump-ng (-essid-regex) pcre development package is required.
  • If you want to use airolib-ng and '-r' option in aircrack-ng, SQLite development package >= 3.3.17 (3.6.X version or better is recommended)
  • If you want to use Airpcap, the 'developer' directory from the CD/ISO/SDK is required.
  • In order to build besside-ng, besside-ng-crawler, easside-ng, tkiptun-ng and wesside-ng, libpcap development package is required (on Cygwin, use the Aircap SDK instead; see above)
  • For best performance on FreeBSD (50-70% more), install gcc5 (or better) via: pkg install gcc9
  • rfkill
  • If you want Airodump-ng to log GPS coordinates, gpsd is needed
  • For best performance on SMP machines, ensure the hwloc library and headers are installed. It is strongly recommended on high core count systems, it may give a serious speed boost
  • CMocka for unit testing
  • For intergation testing on Linux only: tcpdump, HostAPd, WPA Supplicant and screen

Installing required and optional dependencies
Below are instructions for installing the basic requirements to build aircrack-ng for a number of operating systems.
Note: CMocka, tcpdump, screen, HostAPd and WPA Supplicant should not be dependencies when packaging Aircrack-ng.


sudo apt-get install build-essential autoconf automake libtool pkg-config libnl-3-dev libnl-genl-3-dev libssl-dev ethtool shtool rfkill zlib1g-dev libpcap-dev libsqlite3-dev libpcre3-dev libhwloc-dev libcmocka-dev hostapd wpasupplicant tcpdump screen iw usbutils

sudo yum install libtool pkgconfig sqlite-devel autoconf automake openssl-devel libpcap-devel pcre-devel rfkill libnl3-devel gcc gcc-c++ ethtool hwloc-devel libcmocka-devel git make file expect hostapd wpa_supplicant iw usbutils tcpdump screen
Note: on CentOS and RedHat, HostAPd requires 'epel' repository to be enabled: sudo yum install epel-release

sudo zypper install autoconf automake libtool pkg-config libnl3-devel libopenssl-1_1-devel zlib-devel libpcap-devel sqlite3-devel pcre-devel hwloc-devel libcmocka-devel hostapd wpa_supplicant tcpdump screen iw gcc-c++ gcc

sudo urpmi autoconf automake libtool pkgconfig libnl3-devel libopenssl-devel zlib-devel libpcap-devel sqlite3-devel pcre-devel hwloc-devel libcmocka-devel hostapd wpa_supplicant tcpdump screen iw gcc-c++ gcc make

sudo apk add gcc g++ make autoconf automake libtool libnl3-dev openssl-dev ethtool libpcap-dev cmocka-dev hostapd wpa_supplicant tcpdump screen iw pkgconf util-linux sqlite-dev pcre-dev linux-headers zlib-dev


pkg install pkgconf shtool libtool gcc9 automake autoconf pcre sqlite3 openssl gmake hwloc cmocka

pkg install pkgconf shtool libtool gcc8 automake autoconf pcre sqlite3 libgcrypt gmake cmocka

pkg_add pkgconf shtool libtool gcc automake autoconf pcre sqlite3 openssl gmake cmocka

XCode, Xcode command line tools and HomeBrew are required.
brew install autoconf automake libtool openssl shtool pkg-config hwloc pcre sqlite3 libpcap cmocka


Cygwin requires the full path to the setup.exe utility, in order to automate the installation of the necessary packages. In addition, it requires the location of your installation, a path to the cached packages download location, and a mirror URL.
An example of automatically installing all the dependencies is as follows:
c:\cygwin\setup-x86.exe -qnNdO -R C:/cygwin -s http://cygwin.mirror.constant.com -l C:/cygwin/var/cache/setup -P autoconf -P automake -P bison -P gcc-core -P gcc-g++ -P mingw-runtime -P mingw-binutils -P mingw-gcc-core -P mingw-gcc-g++ -P mingw-pthreads -P mingw-w32api -P libtool -P make -P python -P gettext-devel -P gettext -P intltool -P libiconv -P pkg-config -P git -P wget -P curl -P libpcre-devel -P libssl-devel -P libsqlite3-devel

pacman -Sy autoconf automake-wrapper libtool msys2-w32api-headers msys2-w32api-runtime gcc pkg-config git python openssl-devel openssl libopenssl msys2-runtime-devel gcc binutils make pcre-devel libsqlite-devel

To build aircrack-ng, the Autotools build system is utilized. Autotools replaces the older method of compilation.
NOTE: If utilizing a developer version, eg: one checked out from source control, you will need to run a pre-configure script. The script to use is one of the following: autoreconf -i or env NOCONFIGURE=1 ./autogen.sh.
First, ./configure the project for building with the appropriate options specified for your environment:
./configure <options>
TIP: If the above fails, please see above about developer source control versions.
Next, compile the project (respecting if make or gmake is needed):
  • Compilation:
  • Compilation on *BSD or Solaris:
Finally, the additional targets listed below may be of use in your environment:
  • Execute all unit testing:
    make check
  • Execute all integration testing (requires root):
    make integration
  • Installing:
    make install
  • Uninstall:
    make uninstall

./configure flags
When configuring, the following flags can be used and combined to adjust the suite to your choosing:
  • with-airpcap=DIR: needed for supporting airpcap devices on windows (cygwin or msys2 only) Replace DIR above with the absolute location to the root of the extracted source code from the Airpcap CD or downloaded SDK available online. Required on Windows to build besside-ng, besside-ng-crawler, easside-ng, tkiptun-ng and wesside-ng when building experimental tools. The developer pack (Compatible with version 4.1.1 and 4.1.3) can be downloaded at https://support.riverbed.com/content/support/software/steelcentral-npm/airpcap.html
  • with-experimental: needed to compile tkiptun-ng, easside-ng, buddy-ng, buddy-ng-crawler, airventriloquist and wesside-ng. libpcap development package is also required to compile most of the tools. If not present, not all experimental tools will be built. On Cygwin, libpcap is not present and the Airpcap SDK replaces it. See --with-airpcap option above.
  • with-ext-scripts: needed to build airoscript-ng, versuck-ng, airgraph-ng and airdrop-ng. Note: Each script has its own dependencies.
  • with-gcrypt: Use libgcrypt crypto library instead of the default OpenSSL. And also use internal fast sha1 implementation (borrowed from GIT) Dependency (Debian): libgcrypt20-dev
  • with-duma: Compile with DUMA support. DUMA is a library to detect buffer overruns and under-runs. Dependencies (debian): duma
  • disable-libnl: Set-up the project to be compiled without libnl (1 or 3). Linux option only.
  • without-opt: Do not enable stack protector (on GCC 4.9 and above).
  • enable-shared: Make OSdep a shared library.
  • disable-shared: When combined with enable-static, it will statically compile Aircrack-ng.
  • with-avx512: On x86, add support for AVX512 instructions in aircrack-ng. Only use it when the current CPU supports AVX512.
  • with-static-simd=: Compile a single optimization in aircrack-ng binary. Useful when compiling statically and/or for space-constrained devices. Valid SIMD options: x86-sse2, x86-avx, x86-avx2, x86-avx512, ppc-altivec, ppc-power8, arm-neon, arm-asimd. Must be used with --enable-static --disable-shared. When using those 2 options, the default is to compile the generic optimization in the binary. --with-static-simd merely allows to choose another one.

  • Configure and compiling:
    ./configure --with-experimental
  • Compiling with gcrypt:
    ./configure --with-gcrypt
  • Installing:
    make install
  • Installing (strip binaries):
    make install-strip
  • Installing, with external scripts:
    ./configure --with-experimental --with-ext-scripts
    make install
  • Testing (with sqlite, experimental and pcre)
    ./configure --with-experimental
    make check
  • Compiling on OS X with macports (and all options):
    ./configure --with-experimental
  • Compiling on OS X 10.10 with XCode 7.1 and Homebrew:
    env CC=gcc-4.9 CXX=g++-4.9 ./configure
    make check
    NOTE: Older XCode ships with a version of LLVM that does not support CPU feature detection; which causes the ./configure to fail. To work around this older LLVM, it is required that a different compile suite is used, such as GCC or a newer LLVM from Homebrew.
    If you wish to use OpenSSL from Homebrew, you may need to specify the location to its' installation. To figure out where OpenSSL lives, run:
    brew --prefix openssl
    Use the output above as the DIR for --with-openssl=DIR in the ./configure line:
    env CC=gcc-4.9 CXX=g++-4.9 ./configure --with-openssl=DIR
    make check
  • Compiling on FreeBSD with gcc9
    env CC=gcc9 CXX=g++9 MAKE=gmake ./configure
  • Compiling on Cygwin with Airpcap (assuming Airpcap devpack is unpacked in Aircrack-ng directory)
    cp -vfp Airpcap_Devpack/bin/x86/airpcap.dll src
    cp -vfp Airpcap_Devpack/bin/x86/airpcap.dll src/aircrack-osdep
    cp -vfp Airpcap_Devpack/bin/x86/airpcap.dll src/aircrack-crypto
    cp -vfp Airpcap_Devpack/bin/x86/airpcap.dll src/aircrack-util
    dlltool -D Airpcap_Devpack/bin/x86/airpcap.dll -d build/airpcap.dll.def -l Airpcap_Devpack/bin/x86/libairpcap.dll.a
    autoreconf -i
    ./configure --with-experimental --with-airpcap=$(pwd)
  • Compiling on DragonflyBSD with gcrypt using GCC 8
    autoreconf -i
    env CC=gcc8 CXX=g++8 MAKE=gmake ./configure --with-experimental --with-gcrypt
  • Compiling on OpenBSD (with autoconf 2.69 and automake 1.16)
    export AUTOCONF_VERSION=2.69
    export AUTOMAKE_VERSION=1.16
    autoreconf -i
    env MAKE=gmake ./configure
  • Compiling and debugging aircrack-ng
    export CFLAGS='-O0 -g'
    export CXXFLAGS='-O0 -g'
    LD_LIBRARY_PATH=.libs gdb --args ./aircrack-ng [PARAMETERS]

Automatic detection of CPU optimization is done at run time. This behavior is desirable when packaging Aircrack-ng (for a Linux or other distribution.)
Also, in some cases it may be desired to provide your own flags completely and not having the suite auto-detect a number of optimizations. To do this, add the additional flag --without-opt to the ./configure line:
./configure --without-opt

Using precompiled binaries

  • Use your package manager to download aircrack-ng
  • In most cases, they have an old version.

  • Install the appropriate "monitor" driver for your card (standard drivers doesn't work for capturing data).
  • aircrack-ng suite is command line tools. So, you have to open a commandline Start menu -> Run... -> cmd.exe then use them
  • Run the executables without any parameters to have help

Documentation, tutorials, ... can be found on https://aircrack-ng.org
See also manpages and the forum.
For further information check the README file


Externe Quelle mit kompletten Inhalt anzeigen

Zur Startseite von Team IT Security

➤ Weitere Beiträge von Team Security | IT Sicherheit

Aircrack-ng 1.6 - Complete Suite Of Tools To Assess WiFi Network Security

vom 1272.06 Punkte ic_school_black_18dp
Aircrack-ng is a complete suite of tools to assess WiFi network security.It focuses on different areas of WiFi security:Monitoring: Packet capture and export of data to text files for further processing by third party tools.Attacking: Replay attacks, d

Aircrack-ng 1.5 - Complete Suite Of Tools To Assess WiFi Network Security

vom 580.6 Punkte ic_school_black_18dp
Aircrack-ng is a complete suite of tools to assess WiFi network security. It focuses on different areas of WiFi security: Monitoring: Packet capture and export of data to text files for further processing by third party tools. Attacking: Replay attacks, deauthentication, fake access points and others via packet injection. Testing: Checking WiFi cards and driver capabilities (capture and injection). Cracking: WEP

Aircrack-ng 1.4 - Complete Suite Of Tools To Assess WiFi Network Security

vom 518.35 Punkte ic_school_black_18dp
Aircrack-ng is a complete suite of tools to assess WiFi network security. It focuses on different areas of WiFi security: Monitoring: Packet capture and export of data to text files for further processing by third party tools. Attacking: Replay attacks

Sparrow-Wifi - Next-Gen GUI-based WiFi And Bluetooth Analyzer For Linux

vom 410.83 Punkte ic_school_black_18dp
Sparrow-wifi has been built from the ground up to be the next generation 2.4 GHz and 5 GHz Wifi spectral awareness tool. At its most basic it provides a more comprehensive GUI-based replacement for tools like inSSIDer and linssid that runs specifically on linux. In i

Malcolm - A Powerful, Easily Deployable Network Traffic Analysis Tool Suite For Full Packet Capture Artifacts (PCAP Files) And Zeek Logs

vom 386.27 Punkte ic_school_black_18dp
Malcolm is a powerful network traffic analysis tool suite designed with the following goals in mind: Easy to use – Malcolm accepts network traffic data in the form of full packet capture (PCAP) files and Zeek (formerly Bro) logs. These artifacts can be

TA18-106A: Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices

vom 306.89 Punkte ic_school_black_18dp
Original release date: April 16, 2018Systems Affected Generic Routing Encapsulation (GRE) Enabled DevicesCisco Smart Install (SMI) Enabled DevicesSimple Network Management Protocol (SNMP) Enabled Network DevicesOverview This joint Technical Alert (TA) is the result of analy

15 free WiFi security testing tools

vom 283.54 Punkte ic_school_black_18dp
For enterprise IT managers and network administrators, the best way to protect a relatively fragile WiFi network is to hack into your own wireless network with the most popular and "hot" tools in hacker circles and figure out a network security vulner

AA18-284A: Publicly Available Tools Seen in Cyber Incidents Worldwide

vom 281.7 Punkte ic_school_black_18dp
Original release date: October 11, 2018Summary This report is a collaborative research effort by the cyber security authorities of five nations: Australia, Canada, New Zealand, the United Kingdom, and the United States.[1][2][3][4][5] In it we highlight the use of five publicly

Some-Tools - Install And Keep Up To Date Some Pentesting Tools

vom 280.09 Punkte ic_school_black_18dp
Some-ToolsWhyI was looking for a way to manage and keep up to date some tools that are not include in Kali-Linux. For exemple, I was looking for an easy way to manage privilege escalation scripts. One day I saw sec-tools from eugenekolo (which you can see at the bottom of the page) and it gave me the motivation to start working on mine right away.But keep in mind that is different. I built this for people that are working with Kali. Should work on others d

Building solutions using the G Suite developer platform

vom 259.85 Punkte ic_school_black_18dp
Posted by Charles Maxson, Developer Advocate, G SuiteMillions of users know G Suite as a collection of communication and productivity apps that enables teams to easily create, communicate, collaborate, and discover content to supercharge teamwork. B

AA20-245A: Technical Approaches to Uncovering and Remediating Malicious Activity

vom 249.55 Punkte ic_school_black_18dp
Original release date: September 1, 2020SummaryThis joint advisory is the result of a collaborative research effort by the cybersecurity authorities of five nations: Australia,[1] Canada,[2] New Zealand,[3][4] the United Kingdom,[5] and the United States.[6] It highlights technical appro

AA20-239A: FASTCash 2.0: North Korea&#039;s BeagleBoyz Robbing Banks

vom 227.03 Punkte ic_school_black_18dp
Original release date: August 26, 2020SummaryThis Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. This joint advisory is

Team Security Diskussion über Aircrack-ng 1.6 - Complete Suite Of Tools To Assess WiFi Network Security